The bucket I have set up on S3 is using HTTP rather than HTTPS in the URLs returned by the API and this is causing mixed content warnings on the page displaying links to the files. Is there a way to configure the bucker to use HTTPS?
Asked
Active
Viewed 945 times
0
-
1Possible duplicate of [How to Configure SSL for Amazon S3 bucket](https://stackoverflow.com/questions/11201316/how-to-configure-ssl-for-amazon-s3-bucket) – Quentin May 23 '19 at 14:13
-
It is not using a custom domain. It is only a publicly access bucket for storing files. – AlanP May 23 '19 at 16:05
-
Most of those answers say "not unless you use a custom domain" not "assuming you are using a custom domain". – Quentin May 23 '19 at 16:56
-
Can you give us an example of the URL you are using (you can change the bucket name)? What error do you get if you try to access the bucket via HTTPS? – John Rotenstein May 24 '19 at 00:12
-
John, I'm using the AWS PHP SDK function headObject to get the URL of the file in the bucket. I've always received URLs using HTTPS, but another person using my code is receiving URLs with HTTP. Something must be different about their bucket configuration, what could that be? I assume, for security, bucket file URLs would use HTTPS by default. – AlanP May 27 '19 at 21:58
1 Answers
1
Use AWS CloudFront.
- Make your S3 bucket an origin for your AWS CloudFront distribution.
- Configure your AWS CloudFront distribution to use HTTPs, preferably with a certificate from AWS Certificate Manager.
- Create a friendly CNAME record in Route 53 for your AWS CloudFront distribution URL, but make sure the hosted zone name matches your certificate name.
programmerj
- 1,634
- 18
- 29